[57] ABSTRACT

One or more policies are implemented at a Web browser to enhance access to Web servers that host content requested by the browser. When the browser issues a request, a name service returns a list of IP addresses that may service that request. The list is configured as "random" or "ordered" according to a given naming convention or other local policy, and IP addresses are selected from the list at random or in order (as the case may be) until a connection to an appropriate server is obtained. The browser remembers (for a given time period) which IP addresses have failed so that those addresses are not repeatedly tried. The browser's "timeout" period is also selectively varied depending on the type of list returned from the name service.

34 Claims, 4 Drawing Sheets 
HIGH AVAILABILITY WEB BROWSER ACCESS TO SERVERS

BACKGROUND OF THE INVENTION
1. Technical Field 

The present invention relates generally to client-server computing over the Internet and more particularly to a method for ensuring that a Web browser obtains high availability to Web services.

2. Description of the Related Art

The World Wide Web is the Internet's multimedia information retrieval system. In the Web environment, client machines effect transactions to Web servers using the Hypertext Transfer Protocol (HTTP), which is a known application protocol providing users access to files (e.g., text, graphics, images, sound, video, etc.) using a standard page description language known as Hypertext Markup Language (HTML). HTML provides basic document formatting and allows the developer to specify "links" to other servers and files. In the Internet paradigm, a network path to a server is identified by a so-called Uniform Resource Locator (URL) having a special syntax for defining a network connection. Use of an HTML-compatible browser (e.g., Netscape Navigator or Microsoft Internet Explorer) at a client machine involves specification of a link via the URL.

When the user of the browser specifies a link, the client issues a request to a naming service to map a hostname (in the URL) to a particular network IP address at which the server is located. The naming service returns a list of one or more IP addresses that can respond to the request. Using one of the IP addresses, the browser establishes a connection to a server. If the server is available, it returns a document or other object formatted according to HTML. If the server is not available or overloaded, however, the user may receive an error message, e.g., "Server not responding" or the like. This is undesirable.

As Web browsers become the primary interface for access to many network and server services, the problem arises of how best to ensure "availability" of Web services in a manner that is also both scaleable and balanced. Users of client machines desire prompt and efficient access to Web servers so that Web pages download seamlessly and as fast as practicable given the physical constraints of the applicable network connections. Web site providers desire to operate an appropriate number of servers to handle client loads in a scaleable and balanced manner. An efficient network ensures that clients can find an available server, even if servers in the network fail.

A number of server-based solutions have been proposed and/or implemented to attempt to ensure that Internet services remain available, scaleable and well-balanced. One type of approach is the "front end" server configuration or cluster, wherein a plurality of "proxy" servers are maintained at a particular access location common to multiple clients, with the servers being used to mirror high traffic Web sites. While the front end approach provides certain improved service, it is not readily scaleable. Another approach utilizes a "round robin" nameserver to hand out one of a list of IP addresses each time the nameserver is asked to resolve the hostname. This approach does a poor job of balancing request load, and its effectiveness is limited due to client caching of the resolved address.

It would be highly desirable to provide a client-side solution to ensure "availability" of Web services to a Web browser.
SUMMARY OF THE INVENTION

It is a primary object of this invention to enhance the 
availability of Web server resources to Web clients. 

It is another primary object of the invention to increase the 
speed at which a browser finds an available server to respond 
to a given request. 

It is yet another important object of this invention to 
enhance the availability of Web server resources in a net- 
work from a Web client's perspective. 

It is yet another object of this invention to provide improved availability, scalability and workload-balanced access from browser clients to servers within a computer network or domain.

It is still another object of this invention to enhance a Web browser to enable the browser to fully exploit availability, scalability and workload-balancing enhancements that are being developed for Web servers.

According to the present invention, the list of IP addresses 
returned to a Web browser in response to a request is used 
in an "intelligent" manner to enhance the availability of Web 
services. The "intelligence" is provided at the Web browser 
and includes a number of preferred "policies" or functions. 

According to a first policy, a particular list returned from 
the nameserver may be considered "random" or "ordered." 
If the list is configured as a random list, the browser selects 
an IP address from that list at random; if other IP addresses 
are required to make the connection, the browser also selects 
those at random as well. If the list is configured as an ordered 
list, the browser first selects the first IP address from the list 
and, if necessary, uses other IP addresses from that list in an 
ordered sequence. Thus, when the browser tries any IP 
address and finds that the server is not responding, the 
browser tries another address in the list, with the initial IP 
address selected at random or by any other suitable balanc- 
ing algorithm (if a front end approach is used) to balance 
access by the browser to the list of servers. This provides 
good server balance without complex front end technolo- 
gies. 

According to another policy, the browser remembers (for 
a given time period) which addresses have "failed" so that 
these addresses are not tried repeatedly to contact a server. 
Moreover, the browser's "timeout period", i.e. the period 
during which the browser attempts to establish a connection, 
is preferably shortened when there are more untried IP 
addresses in the list. These features improve the perceived 
responsiveness of the browser from the user's viewpoint. 
Preferably, the browser's timeouts are configurable by the 
user to allow the user to tune the behavior to the network 
environment and to the user's preferences. 

The foregoing has outlined some of the more pertinent 
objects and features of the present invention. These objects 
should be construed to be merely illustrative of some of the 
more prominent features and applications of the invention. 
Many other beneficial results can be attained by applying the 
disclosed invention in a different manner or modifying the 
invention as will be described. Accordingly, other objects 
and a fuller understanding of the invention may be had by 
referring to the following Detailed Description of the Pre- 
ferred Embodiment. 

BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of the present inven- 
tion and the advantages thereof, reference should be made to 
the following Detailed Description taken in connection with 
the accompanying drawings in which: 
FIG. 1 is a representative system in which the present invention is implemented;

FIG. 2 is a flowchart illustrating the conventional Web 
server processing associated with an HTTP request from the 
Web client to the server shown in FIG. 1; 

FIG. 3 is a simplified representation of how a nameserver 
returns a list of one or more IP addresses in response to an 
HTTP request; 

FIG. 4 is a representation of a Hostname Address List (HAL) which facilitates high availability Web browser access to Web servers according to the present invention;

FIG. 5 is a flowchart of a Hostname Process of the present 
invention for resolving a URL to a particular IP address 
according to the present invention; 

FIG. 6 is a flowchart of the Renew HAL routine of the Hostname Process that provides an up-to-date HAL for use by the Web browser;

FIG. 7 is a Timeout routine of the Hostname Process; and

FIG. 8 is a block diagram illustrating a "front end" customer configuration that provides load-balanced and scaleable Web service to client machines that utilize the principles of the present invention.

DETAILED DESCRIPTION OF THE 
PREFERRED EMBODIMENT 

A representative system in which the present invention is 
implemented is illustrated in FIG. 1. A client machine 10 is 
connected to a Web server platform 12 via network 14. For 
illustrative purposes, network 14 is the Internet, an Intranet 
or other known network connection. Web server platform 12 
is one of a plurality of servers which are accessible by
clients, one of which is illustrated by machine 10. A repre- 
sentative client machine includes a browser 16, which is a 
known software tool used to access the servers of the 
network. The Web server platform supports files 
(collectively referred to as a "Web" site) in the form of 
hypertext documents and objects. In the Internet paradigm, 
a network path to a server is identified by a so-called 
Uniform Resource Locator (URL). 

A representative Web server platform 12 comprises an IBM RISC System/6000 computer 18 (a so-called RISC-based, i.e. reduced instruction set computer, workstation) running the AIX (Advanced Interactive Executive, Version 4.1 and above) operating system 20 and a Web server program 22, such as Netscape Enterprise Server Version 2.0, that supports interface extensions. The platform 12 also includes a graphical user interface (GUI) 24 for management and administration. The Web server 18 also includes an Application Programming Interface (API) 23 that provides extensions to enable application developers to extend and/or customize the core functionality thereof through software programs commonly referred to as "plug-ins."

A representative Web client is a personal computer that is x86-, PowerPC- or RISC-based, that includes an operating system such as IBM OS/2 or Microsoft Windows 95, and that includes a browser, such as Netscape Navigator 3.0 (or higher), having a Java Virtual Machine (JVM) and support for application plug-ins.

As is well-known, the Web server accepts a client request 
and returns a response. The operation of the server program 
22 is governed by a number of server application functions 
(SAFs), each of which is configured to execute in a certain 
step of a sequence. This sequence, illustrated in FIG. 2, 
begins with authorization translation (AuthTrans) 30, during 
which the server translates any authorization information 
sent by the client into a user and a group. If necessary, the AuthTrans step may decode a message to get the actual client request. At step 32, called name translation (NameTrans), the URL associated with the request may be kept intact or it can be translated into a system-dependent file name, a redirection URL or a mirror site URL. At step 34, called path checks (PathCheck), the server performs various tests on the resulting path to ensure that the given client may retrieve the document. At step 36, sometimes referred to as object types (ObjectType), MIME (Multipurpose Internet Mail Extension) type information (e.g., text/html, image/gif, etc.) for the given document is identified. At step 38, called Service (Service), the Web server routine selects an internal server function to send the result back to the client. This function can run the normal server service routine (to return a file), some other server function (such as a program to return a custom document) or a CGI program. At step 40, called Add Log (AddLog), information about the transaction is recorded.

A URL or "Uniform Resource Locator" is defined in RFC 1945, which is incorporated herein by reference. As is well known, the URL is typically of the format "http://somehost/. . ." where "somehost" is the hostname portion of the URL. FIG. 3 illustrates the usual manner in which a URL is resolved into an actual IP address for a Web server. In particular, network 14 (as illustrated in FIG. 1 above) includes a nameserver 42 that maps hostnames (in URLs) to actual network addresses. A representative example is the Domain Name Service (DNS) currently implemented in the Internet. The process of having a Web client request an address for a hostname from a nameserver is sometimes referred to as name resolution. In the current TCP/IP protocol used on the Internet, nameserver 42 resolves the hostname into a list (identified by reference numeral 44) of one or more IP addresses that are returned to the Web client when it resolves the hostname for an HTTP request. Each of these IP addresses identifies a server that hosts the particular content that the user of the Web client has requested. Thus, the current IP protocol allows a query to a nameserver, issued to resolve a name to an IP address, to return a list of addresses. In the prior art, this is a list of one address, and most browser products only expect, or use, one such address.

According to a preferred embodiment of the invention, the list 44 of IP addresses is used in an "intelligent" manner to provide high availability Web browser access to Web servers. To this end, the list 44 of one or more IP addresses is used to build a Hostname Address List (HAL) that is then used to control how the particular IP addresses therein are accessed and managed by the browser to provide the objects of the invention.

FIG. 4 illustrates a preferred format for a Hostname Address List (HAL) 50 according to the present invention. Preferably, one HAL exists for each hostname to be remembered, although one of ordinary skill will appreciate that a master HAL having sublists may be used as well. The HAL 50 is built by the browser (or it could be downloaded thereto) and includes an IP Address column 52, a Status column 54, and a Timestamp column 56. The IP addresses returned from the nameserver are used to populate the IP Address column 52. In particular, each IP address returned from the nameserver becomes an entry in the HAL as identified by reference numeral 58. There is also a single Hostname 57 for each HAL. The HAL also includes a pointer 60, referred to as "Current", and a timestamp 62, referred to as "HAL_Timestamp." The timestamp 62 identifies the time at which the particular HAL is built. When the HAL is built, each entry in the Status column 54
is set to "OK". Individual entries may be set to "Bad" at some subsequent time identified by the timestamp in the Timestamp column 56. Thus, initially (when the HAL is first built) the Timestamp column 56 has null values. Thus, the HAL_Timestamp 62 is the time that the HAL is initially built (usually the time the IP addresses are fetched from the nameserver). The Current pointer 60 is an index into the "current" entry in the HAL 50, and the Status flag is either "OK" or "Bad". According to the present invention, a particular HAL may be deemed to be a "random" HAL, in which case entries from the HAL are selected for use by the browser at random, or the HAL may be deemed to be an "ordered" HAL, in which case entries from the HAL are selected for use by the browser in an ordered fashion (usually, but not necessarily, top to bottom). The manner in which a particular HAL is identified or set as "random" or "ordered" is quite varied. Thus, for example, a given naming convention may be used for this purpose, with all returned lists being deemed "ordered" unless they match a certain naming criterion or other locally-implemented policy. Thus, if a set of IP addresses returned from the nameserver includes a hostname that begins with a certain value (e.g., an "@"), then the HAL (by the naming convention) may be set to "random". Alternatively, all lists returned may be deemed "random" by default unless they satisfy some other local policy (in which case they would be deemed "ordered"). Any particular naming convention (or some other local policy) may be used for this purpose.

An "ordered" list is sometimes referred to herein as a "primary/backup" list to indicate that IP addresses selected therefrom are ordered for use (with the first address being considered "primary" and the remainder of the addresses being the "backup" addresses, although the reverse sequence or some other ordered sequence may be used as well). When the HAL is random, the client selects a random entry, as will be seen. In a preferred embodiment (as will be illustrated below), if a particular HAL is not identified as a random list, then the HAL is used as a "primary/backup" list. When the HAL is used in the "primary/backup" manner, the first entry in the HAL is the preferred server. The client then initially attempts to access the primary (first) server. If it is unable to access the first server, it works its way down the list in an ordered manner.

The advantages of the present invention are provided by implementing HALs and enforcing one or more "policies" at the browser with respect to those lists. According to one policy, the browser selects a random IP address from a "random" list or the first (i.e., the "primary") item from a "primary/backup" list. When the "primary/backup" list is used, the browser works its way down the list as necessitated by any failures. According to another policy, the browser preferably re-fetches IP addresses and thus re-builds HALs accordingly, especially random lists, as frequently as possible. Another policy enforced is that the browser re-selects a random list element whenever a new host connection (as will be described below) is established, or perhaps even more frequently. If a particular server fails to respond at a selected IP address, a "timeout" policy is preferably enforced. In particular, the browser marks (in the HAL) the failed entry "Bad" for a given time period (e.g., one hour). Further, another advantageous policy is to shorten the timeout period normally used by the browser before a new IP address is tried. This latter policy is especially useful when random entries remain untried. These techniques, whether individually or collectively, improve Web browser access to Web servers in the computer network and enable servers to be easily scaled and load-balanced.

With the above background, a preferred implementation of the present invention is now described. The main processing routine for resolving a URL hostname to an IP address is illustrated in FIG. 5. This functionality is preferably implemented in software as part of the browser. Alternatively, the functionality may be part of a browser "plug-in" or helper application. An alternative implementation is to build the functionality into the browser itself.

The routine begins at step 70 upon a given Web browser user interface event. Typically, step 70 involves activation of a link in the Web page currently displayed (e.g., by having the user move the cursor over an anchor and clicking Enter). Or, the user may type in a URL (or portion thereof) in a known fashion and press Enter. Other types of user input actions (e.g., a mouseover or keystroke) may trigger the routine as well. At step 72, the routine gets the hostname from the URL. A test is then done at step 74 to determine whether the browser already has a HAL which includes the hostname. If not, the routine branches to step 76. At step 76, the browser issues an IP request to the nameserver (e.g., DNS) to resolve the URL. As is well known, the nameserver responds by returning a list of one or more IP addresses. At step 78, the routine builds the HAL. This involves a number of substeps. In particular, each IP address returned from the nameserver is set up as a row entry (in the HAL). The Status column is then set to "OK" for each entry, and the "Current" pointer is set to the first entry in the list. The HAL_Timestamp 62 is also set at this time. The timestamps in Timestamp column 56 remain null values. The branch returns to the main processing loop as indicated.

If the outcome of the test at step 74 indicates that the browser already has the HAL for the hostname, the routine continues at step 80 to a Renew HAL subroutine. Renew HAL functions generally to ensure that the most up-to-date HAL (with the most up-to-date entry) is being used to resolve the URL. Step 80, which will be described in detail below in the flowchart of FIG. 6, returns an IP address list 52 for use by the browser, or it returns an error. If the Renew HAL routine returns an error, the routine branches to step 82 and provides an error indication to the user. Typically, this is accomplished via a dialog box or the like.

If the Renew HAL routine returns without an error, or after step 78, the main processing routine continues at step 84 to test whether the connection is a new host connection. In particular, in the HTTP 1.0 protocol commonly in use, a call to retrieve a Web page usually involves an initial connection (to retrieve a base HTML document) and then any number of subsequent connections (to retrieve embedded objects, such as image files, that are required by the base HTML document). In the present invention, it would be undesirable to perform the routine each time the browser attempts to reconnect to the server in order to retrieve an object required by the base HTML page. Thus, step 84 tests to determine whether the connection is a new host connection (e.g., an HTTP GET request for the actual base HTML document). If the outcome of the test at step 84 is negative, which indicates that the base HTML document has already been retrieved and an embedded object is now being fetched, the routine continues at step 85 to contact the server (as defined by the Current IP address returned from the HAL). At step 86, a Timeout function is initiated. The Timeout function is illustrated in FIG. 7. If the Timeout function is triggered (as will be described), then the connection to the host could not be established. As a result, a Retry attempt is made at step 87.

If the outcome of the test at step 84 is positive, the routine continues at step 88 to determine whether the HAL is a random list. As noted above, a particular HAL may be
defined as "random" by a given convention that may be selected by the user or otherwise set by the browser or the system on which the browser is running. If the outcome of the test at step 88 is negative, which indicates that the HAL is not a random list, the list (in the preferred embodiment) is a "primary/backup" list. Thus, the routine branches to step 85 to contact the host (and issue the Timeout) as previously described, starting with the first entry of the primary/backup HAL. If, however, no usable entry can be found in the HAL, the routine branches to step 82 and returns an error indication to the user. If the outcome of the test at step 88 is positive, which indicates that the HAL is a random list (according to some predetermined naming convention or the like), the routine branches to step 90. In particular, at step 90, the browser randomly picks a HAL entry and sets the "Current" pointer (to that entry). The routine then passes control to steps 85-86 as previously described. This completes the main processing routine.

FIG. 6 illustrates the Renew HAL process identified above. In a preferred embodiment this routine uses three (3) variables: T1, the number of minutes after which a host marked "Bad" may be retried; T2, the number of minutes after which a random list should be re-fetched from the nameserver; and T3, the number of minutes after which a primary/backup list should be re-fetched from the nameserver. These variables may be set at the browser using standard configuration options.

The routine begins at step 92 by going through the HAL entries for the HAL returned. If the timestamp of a "Bad" entry is older than T1, then its Status is set back to "OK". At step 94, a test is performed to determine whether the list is a random list. If the outcome of the test at step 94 is positive, the routine continues at step 96 to test whether the list is older than the T2 value. If not, the routine returns at step 98 (which passes control back before step 84 in FIG. 5). If, however, the outcome of the test at step 96 indicates that the list is older than the value T2, the routine continues at step 100 to re-fetch the IP addresses (in the list) from the nameserver. At step 102, the HAL is rebuilt, and the routine then returns at step 98 (which passes control back before step 84 in FIG. 5).

If the outcome of the test at step 94 indicates that the list is not a random list, then (according to the preferred embodiment) the HAL is a primary/backup list. Thus, a test is performed at step 104 to determine whether the list is older than the value T3. If so, the routine continues at step 106 to re-fetch the IP addresses (in the particular HAL) from the nameserver. At step 108, the HAL is rebuilt. If, however, the outcome of the test at step 104 indicates that the list is not older than T3, or after step 108, the routine continues at step 110 to locate the first "OK" entry, which is then set to "Current." If no "OK" entry exists to become "Current", the routine branches to step 112 and returns an error. Otherwise, the selected entry is returned at step 98 (which returns control to just before step 84 in FIG. 5). This completes the processing.

FIG. 7 illustrates the Timeout function 86, which is invoked if the host fails to respond in the given time. The routine begins at step 114. In particular, a test is made to determine whether the host responds in the specified time. If so, the browser connects to the server at step 116. If, however, the outcome of the test at step 114 is negative (because the specified timeout period has elapsed), the routine continues at step 118. In particular, the routine marks the "Status" of the "Current" entry (and all others with the same IP address) as "Bad". At step 120, the routine sets the timestamps for the entries just marked "Bad" to the current time (there may be other previously-marked "Bad" entries whose timestamps are not changed). The routine then continues at step 122 to Retry. This is step 87 in FIG. 5.

The browser timeout period is preferably variable. Thus, for example, in one embodiment, the user may configure the browser timeout period manually by accessing the browser "Preferences" and re-setting the timeout period. A more preferred approach is to alter the timeout period automatically as a function of the type of list (e.g., random or ordered) returned from the name service and/or the number of IP addresses on the list that remain untried. Thus, for example, the browser may dynamically alter the timeout period if the HAL is a random list, or if untried entries remain; the timeout period could be varied (usually decreased) while untried entries remain, and could be varied again as each entry on a given list is tried. These variables are preferably configured, either manually or automatically.

The present invention provides numerous advantages. As noted above, the nameserver and IP protocol definitions allow a nameserver entry for a server to have a list of IP addresses rather than a single IP address, and the protocol returns the list. According to the invention, this list is then used to identify a set of servers, rather than one, which may be used to satisfy user requests.

FIG. 8 illustrates how the present invention may be used to enhance browser availability as proxy servers are added to or removed from a "front end" configuration. In this example, servers 130, 132 and 134 are proxy servers [illegible] from the perspective of a client machine running a browser. From nameserver 133's perspective, however, each server is mapped to a separate name, and each server generates its own HAL. Thus, when the user at a client machine activates a link to the URL, the browser at the client machine receives a list of IP addresses that may be associated with server 130, 132 or 134. The front end may be scaled transparently to the clients by adding or removing proxy servers as may be required. As a system administrator [illegible] availability [illegible] available [illegible]. Particular IP addresses in the lists may be replicated to control balance. Thus, when all the entries represent active servers, duplicate entries are made for a given server to increase the probability of selecting that server. This provides a useful level of balancing based upon server capacity.

As previously described, the present invention preferably implements a naming convention to identify a list as "random", "primary/backup" (or some other type). There are a number of different ways in which these server lists may then be used to enhance availability, scalability and balance. For example, all the entries may represent active servers which should be used to service requests. If clients randomly select from among the entries, this policy provides a basic level of load balancing among servers.

Presently, most browsers cache the IP address (used to access a server) and continue to use it in order to reduce response time and minimize nameserver load. However, in order to be responsive to changes to the nameserver list, according to the invention the list should not be cached for too long a period. How long this period should be is variable, but a preferred time period is from once a day to once a week. Thus, when a site needs to add many servers to handle
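The HAL format (FIG. 4), the random versus primary/backup policies, the Hostname Process of FIG. 5, the Renew HAL routine of FIG. 6, the Timeout routine of FIG. 7, the variable-timeout policy and the duplicate-entry weighting described above are reconstructed in the following Python, added here as an example; it is not the patent's own code. The function and field names, the leading-"@" naming convention for random lists, the T1/T2/T3 defaults, the timeout formula (base timeout divided by the number of untried "OK" entries), the resolver and connector callbacks and the sample addresses are all assumptions made for the example.

```python
import random
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Added example reconstructing the HAL (FIG. 4) and the Hostname Process (FIG. 5),
# Renew HAL (FIG. 6) and Timeout (FIG. 7) routines. Function names, the "@" naming
# convention, the timeout formula and the defaults are assumptions, not the patent's code.

OK, BAD = "OK", "Bad"
Resolver = Callable[[str], List[str]]       # nameserver: hostname -> list of IP addresses
Connector = Callable[[str, float], bool]    # (ip, timeout seconds) -> True if the host answered


@dataclass
class Entry:
    """One row of the HAL: IP Address, Status and Timestamp columns."""
    ip: str
    status: str = OK
    timestamp: Optional[float] = None       # time the entry was marked Bad; None while OK


@dataclass
class HAL:
    hostname: str
    entries: List[Entry]
    random_list: bool                       # "random" HAL versus ordered "primary/backup" HAL
    built_at: float                         # HAL_Timestamp
    current: int = 0                        # index of the "Current" entry


def is_random_hostname(hostname: str) -> bool:
    """Assumed naming convention: a leading "@" marks a random list; anything else is ordered."""
    return hostname.startswith("@")


def build_hal(hostname: str, resolver: Resolver, now: float) -> HAL:
    """Step 78: one OK row per returned address, Current at the first entry, timestamps null."""
    return HAL(hostname, [Entry(ip) for ip in resolver(hostname)], is_random_hostname(hostname), now)


def renew_hal(hal: HAL, resolver: Resolver, now: float, t1: float, t2: float, t3: float) -> Optional[int]:
    """FIG. 6. Returns the index of the first OK entry (now Current), or None when none is OK (step 112)."""
    for e in hal.entries:                                   # step 92: Bad marks expire after T1
        if e.status == BAD and e.timestamp is not None and now - e.timestamp > t1:
            e.status, e.timestamp = OK, None
    max_age = t2 if hal.random_list else t3                 # steps 94, 96 and 104
    if now - hal.built_at > max_age:                        # steps 100-102 / 106-108: re-fetch and rebuild
        hal.entries = [Entry(ip) for ip in resolver(hal.hostname)]
        hal.built_at = now
    for i, e in enumerate(hal.entries):                     # step 110: first OK entry becomes Current
        if e.status == OK:
            hal.current = i
            return i
    return None


def connect_timeout(hal: HAL, base_timeout: float) -> float:
    """Variable timeout policy (assumed formula): wait less per attempt while more OK entries remain."""
    untried = sum(1 for e in hal.entries if e.status == OK)
    return base_timeout / max(1, untried)


def mark_current_bad(hal: HAL, now: float) -> None:
    """FIG. 7 steps 118-120: mark Current and every duplicate of its IP Bad, stamped with now."""
    bad_ip = hal.entries[hal.current].ip
    for e in hal.entries:
        if e.ip == bad_ip and e.status == OK:
            e.status, e.timestamp = BAD, now


def hostname_process(hostname: str, hals: Dict[str, HAL], resolver: Resolver, connect: Connector,
                     now: float, new_host_connection: bool = True, base_timeout: float = 30.0,
                     t1: float = 3600.0, t2: float = 86400.0, t3: float = 7 * 86400.0,
                     rng: Optional[random.Random] = None) -> Optional[str]:
    """FIG. 5. Returns the IP address a connection was made to, or None on the error path (step 82)."""
    pick = (rng or random).choice
    hal = hals.get(hostname)
    if hal is None:                                         # steps 74, 76, 78
        hal = hals[hostname] = build_hal(hostname, resolver, now)
    elif renew_hal(hal, resolver, now, t1, t2, t3) is None:  # steps 80, 82
        return None
    while True:                                             # steps 84-90 plus the Retry loop (step 87)
        ok = [i for i, e in enumerate(hal.entries) if e.status == OK]
        if not ok:
            return None                                     # every address has timed out
        current_ok = hal.entries[hal.current].status == OK
        if hal.random_list and (new_host_connection or not current_ok):
            hal.current = pick(ok)                          # step 90: re-select on each new host connection
        elif not current_ok:
            hal.current = ok[0]                             # primary/backup: next OK entry down the list
        ip = hal.entries[hal.current].ip
        if connect(ip, connect_timeout(hal, base_timeout)):  # steps 85-86; FIG. 7 step 116
            return ip
        mark_current_bad(hal, now)                          # FIG. 7 steps 118-120, then Retry
```

Because selection for a random list draws an index over all "OK" rows, a server that the nameserver lists twice is chosen twice as often, and `mark_current_bad` takes every duplicate of a failed address out together, which is the replicated-entry weighting the text describes. The `now` parameter is injected rather than read from the clock so the T1 expiry (a restored primary is preferred again without restarting the browser) and the T2/T3 re-fetch can be exercised deterministically; the same T1 also bounds how long any single unresponsive address stays excluded on the client.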
an unexpected load (e.g., as NASA did during the recent Mars exploration when live pictures were hosted on the NASA Web site), it is desirable that repeat users (who may have cached the list) re-fetch the IP address list so that they select among the current full set of available servers.

Another desirable policy is for the browser to re-select a random list element whenever a new session is established. This policy ensures that the same address is not cached and used for repeated sessions. Browsers should reselect from "random" lists at least daily and preferably even more frequently.

As also described, a special policy may be implemented if a server fails to respond to a given HTTP request. In particular, the browser marks the entry "Bad" for a short while (e.g., one hour) and tries the next list entry on a primary/backup list or another random entry on a random list.

One of the main benefits of having the HAL is improved Web server availability. To this end, the browser should detect the failure to reply by a server and attempt to connect to another address in the list. To keep from continually attempting to contact a bad server (especially the primary server in a primary/backup list), the browser "marks" the entry as "Bad" and avoids using it.

However, especially with a primary/backup list, it is desirable that clients resume using primary servers as soon as possible when the servers are restored to service.

[text missing in source] skill in the art would also recognize that such methods may be carried out in hardware, in firmware, or in more specialized apparatus constructed to perform the required method steps.

The present invention avoids the need for a "front end" for load balancing and scalability. It provides significant advantages over prior server-based approaches with lower [illegible] management and better reliability.

As used herein, "Web client" should be broadly construed to mean any computer or component thereof directly or indirectly connected or connectable in any known or later-developed manner to a computer network, such as the Internet. The term "Web server" should also be broadly construed to mean a computer, computer platform, an adjunct to a computer or platform, or any component thereof. Of course, a "client" should be broadly construed to mean one who requests or gets the file, and "server" is the entity which downloads the file. Moreover, the invention may be used or practiced in any type of Internet Protocol (IP) client, not just within an HTTP-compliant client having a Web browser. Thus, as used herein, references to "browser" should be broadly construed to cover an IP client.

Having thus described our invention, what we claim as new and desire to secure by letters patent is set forth in the following claims.

What is claimed is:

1. A method of communication in a computer network comprising at least one client, a plurality of servers, and a nameserver, where in response to a request issued from the

Therefore, the invention enforces a policy whereby a client browser, a list of server addresses is returned from the 

retries entries that were marked "Bad" at a fairly frequent nameserver, the method operative in the client and, com- 

interval (at least once an hour) (so long as the client is still prising the steps of; 

makmg requests, of course). This policy enables the client to favoring a given server address over other server 

access servers that, while previously down or overloaded, addresses in the list based on a given policy; 

are later returned to service or otherwise available to handle attempting to establish a connection from the client 

the request. 25 machine to a server identified by the given server 

With a primary/backup list, all clients preferably work address; 

their way through the list from first to last. This ensures that if, during a timeout period, the connection to the server 

if a primary IP address fails and there are multiple backups, identified by the given server address cannot be 

that all clients will attempt to go to the same backup established, restricting use of the given server address 

(primary/backup lists are preferably used when a front end for a given time period; and 

customer wants to concentrate activity on one server, yet attempting to establish a connection from the client 

provide backup). machine lo a second server identified by at least one of 

Browsers preferably set a short timeout, especially for the other server addresses in the list, 

random entries. A shorter timeout minimizes the delay 2. The method as described in claim 1 wherein the given 
experienced by a user when the server being contacted has 45 policy establishes the list as a random list and the given 

failed, server address is an address selected from the list at random. 

These techniques combine to improve availability, seal- 3, The method as described in claim 2 wherein the other 

ability and balance to servers of many types. They also server address is selected from the list at random, 

handle many failure types which "system clustering" tech- 4. The method as described in claim 2 wherein prior to 
nologies cannot even detect, and they work well for servers 50 selecting a given server address, the method includes the 

that are geographically dispersed. Although the inventive steps of: 

policies are preferably implemented in a browser running in determining whether a given first time period has elapsed 

a client machine, one of ordinary skill will appreciate that since the random list was last retrieved from the 

one or more of the above polices may also be useful in nameserver; and 

gateway servers such as proxy and socks servers. 55 if the given first time period has elapsed, re-fetching the 

As noted above, one of the preferred implementations of list from the nameserver. 

the invention is as a set of instructions (program code) in a 5. The method as described in claim 1 wherein the given 

code module resident in the random access memory of the policy establishes the list as an ordered list and the given 

computer. Until required by the computer, the set of instruc- server address is a first address in the list, 
tions may be stored in another computer memory, for 60 6- The method as described in claim 5 wherein the other 

. example, in a hard disk drive, or in a removable memory server address is a next address in the ordered list, 

such as an optical disk (for eventual use in a CD ROM) or 7. The method as described in claim 5 wherein prior to 

floppy disk (for eventual use in a floppy disk drive), or selecting a given server address, the method includes the 

downloaded via the Internet or other computer network. In steps of: 

addition, although the various methods described are con- 65 determining whether a given time period has elapsed 

venienlly implemented in a general purpose computer selec- since the ordered list was last retrieved from the 

lively activated or reconfigured by software, one of ordinary nameserver; and 
if the given time period has elapsed, re-fetching the list from the nameserver. 

8. The method as described in claim 1 wherein the timeout 
period is variable. 

9. The method as described in claim 8 further including 
the step of decreasing the timeout period if, during an 
attempt to establish a connection, other server addresses in 
the list remain unused. 

10. A computer program product in a computer-readable 
medium for use in a Web client connectable in a computer 
network having a plurality of servers and a name service, 
comprising: 

means responsive to selection of a hypertext reference for 

issuing a request to the name service and receiving in 

return a list of server addresses; 
means responsive to the issuing means for favoring a 

given server address over other server addresses in the 

list based on a given policy; and 
means for restricting use of a given server address on the 

list for a given time period. 

11. The computer program product as described in claim 10 wherein the restricting means is responsive to a failure to 
establish a connection from the client machine to a server 
identified by the given server address during a given timeout 
period. 

12. The computer program product as described in claim 11 wherein the restricting means further includes means for 
varying the given timeout period. 

13. The computer program product as described in claim 
10 wherein the given policy configures the list as a random 
list and the given server address is an address selected at 
random. 

14. The computer program product as described in claim 
10 wherein the given policy configures the list as an ordered 
list and the given server address is a first address on the list. 

15. The computer program product as described in claim 
10 further including: 

means for determining whether a given time period has 
elapsed since the list was last retrieved from the name 
service; and 

means responsive to the determining means for selec- 
tively re-fetching the list from the name service. 

16. The computer program product as described in claim 
10 wherein the computer program product is a browser. 

17. The computer program product as described in claim 
10 wherein the computer program product is a browser 
plug-in. 

18. A computer for use as a client in a computer network 
having a plurality of Web servers and a name service, 
comprising: 

a processor having an operating system; 

a Web browser including means responsive to selection of 

a hypertext reference for issuing a request to the name 

service and receiving in return a list of server 

addresses; and 
means associated with the Web browser for enhancing 

access to the plurality of Web servers, operative in the 

client and, comprising: 

means responsive to the issuing means for favoring a 
given server address over other server addresses in 
the list based on a given policy; and 

means for restricting use of a given server address on 
the list for a given time period. 

19. The computer as described in claim 18 wherein the 
restricting means is responsive to a failure to establish a 
connection from the client machine to a server identified by 
the given server address during a given timeout period. 
20. The computer as described in claim 19 wherein the restricting means further includes means for varying the given timeout period. 

21. The computer as described in claim 18 wherein the 
given policy configures the list as a random list and the given 
server address is an address selected at random. 

22. The computer as described in claim 18 wherein the 
given policy configures the list as an ordered list and the 
given server address is a first address on the list. 

23. The computer program product as described in claim 
18 further including: 

means for determining whether a given time period has 
elapsed since the list was last retrieved from the name 
service; and 

means responsive to the determining means for selec- 
tively re-fetching the list from the name service. 

24. A method of enhancing Web browser access to a 
plurality of servers in a computer network, where in response to a request issued from the Web browser, a list of server addresses is returned from a name service, the method operative in the client and, comprising the steps of: 

biasing a given server address over other server addresses 

in the list based on a given policy; 
attempting to establish a connection from the client 
machine to a server identified by the given server 
address; and 

if the connection cannot be established using the given 
server address, using other server addresses in the list 
to respond to the request. 

25. The method as described in claim 24 wherein the 
given policy configures the list as a random list and the given 
server address is an IP address selected at random. 

26. The method as described in claim 24 wherein the given policy configures the list as an ordered list and the given server address is a primary IP address. 

27. The method as described in claim 24 further including the step of re-fetching the list from the name service prior to the biasing step if the list is older than a given age. 

28. A method of enhancing Web browser access to a 
plurality of servers in a computer network, where in 
response to a request issued from the Web browser, a set of 
server addresses is returned from a name service, the method 
operative in the client and, comprising the steps of: 

biasing a subset of the server addresses over other server 
addresses in the set, wherein each of the server 
addresses in the subset is a duplicate; 
attempting to establish a connection from the client 
machine to a server identified by the server addresses in 
the subset; and 
if the connection cannot be established, using other server 
addresses in the set to respond to the request. 

29. A method of enhancing Web browser access to a 
plurality of servers in a computer network, where in 
response to a request issued from the Web browser, a list of 
server addresses is returned from a name service, the method 
operative in the client and, comprising the steps of: 

biasing a given server address over other server addresses 

in the list based on a given policy; 
attempting to establish a connection from the client 
machine to a server identified by the given server 
address; and 

if the connection cannot be established using the given 
server address, associating the given server address 
with a given status and using other server addresses in 
the list to respond to the request. 
30. The method as described in claim 29 wherein the given status indicates that the given server address is a bad address. 

31. The method as described in claim 29 further including 
the step of maintaining the given status for a predetermined 
time period during which the given server address is not 
used. 

32. The method as described in claim 31 further including 
the step of altering the given status after the predetermined 
time period. 

33. A method of communication in a computer network 
comprising at least one client, a plurality of servers, and a 
nameserver, where in response to a request issued from the 
browser, a list of server addresses is returned from the 
nameserver, the method operative in the client and, comprising the steps of: 




favoring a given server address over other server 
addresses in the list based on a given policy; 

attempting to establish a connection from the client 
machine to a server identified by the given server 
address during a timeout period selected as a function 
of a number of untried server addresses in the list. 

34. The method as described in claim 33 further including 
the steps of: 

during the timeout period, determining if the connection 

to the server identified by the given server address can 

be established; and 
if not, attempting to establish a connection from the client 

machine to a second server identified by at least one of 

the other server addresses in the list. 

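The address-selection policy set out in the detailed description and in claims 1 through 9 and 33 above (random versus ordered lists, marking an unresponsive address "Bad" with a timestamp, retrying Bad entries about hourly, re-fetching a cached list daily, and a timeout that shrinks while other addresses remain untried) can be exercised end to end in a small client model. The following Python is an added example written for this page; it is not code from the patent or from any browser. The class and callback names (HALClient, resolver, connector), the two timeout values and the sample addresses from the 192.0.2.0/24 documentation range are assumptions.

```python
"""High-availability address list (HAL) client policy.

Added example for this page, not the patent's code. Names (HALClient, Entry,
AddressList), the resolver/connector callbacks and the timeout values are
assumptions; the policy itself follows the description above.
"""
import random
import time
from dataclasses import dataclass

BAD_RETRY_SECONDS = 3600      # retry entries marked "Bad" at least once an hour
LIST_MAX_AGE_SECONDS = 86400  # re-fetch a cached list daily (shortest preferred period)
QUICK_TIMEOUT = 3.0           # assumed: short timeout while other addresses remain untried
LAST_RESORT_TIMEOUT = 15.0    # assumed: longer timeout for the final untried address


@dataclass
class Entry:
    ip: str
    status: str = "Good"    # "Good" or "Bad"
    bad_since: float = 0.0  # clock value when the entry was last marked "Bad"


@dataclass
class AddressList:
    kind: str               # "random" or "ordered" (primary/backup)
    entries: list
    fetched_at: float


class HALClient:
    """Picks server addresses for a browser according to the list's policy."""

    def __init__(self, resolver, connector, clock=time.time, seed=0):
        self.resolver = resolver    # host -> (kind, [ip, ...]); stands in for the name service
        self.connector = connector  # (ip, timeout) -> bool; stands in for a TCP connect
        self.clock = clock
        self.rng = random.Random(seed)
        self.cache = {}

    def _address_list(self, host):
        """Return the cached list, re-fetching it once it is a day old."""
        cached = self.cache.get(host)
        now = self.clock()
        if cached is None or now - cached.fetched_at >= LIST_MAX_AGE_SECONDS:
            kind, ips = self.resolver(host)
            cached = AddressList(kind, [Entry(ip) for ip in ips], now)
            self.cache[host] = cached
        return cached

    def _candidates(self, alist):
        """Skip entries still marked Bad; clear marks older than the retry interval."""
        now = self.clock()
        usable = []
        for e in alist.entries:
            if e.status == "Bad" and now - e.bad_since >= BAD_RETRY_SECONDS:
                e.status = "Good"      # a restored server is retried within the hour
            if e.status == "Good":
                usable.append(e)
        if alist.kind == "random":
            self.rng.shuffle(usable)   # fresh random choice for every new session
        return usable                  # ordered lists are walked first to last

    @staticmethod
    def timeout_for(untried):
        """Claims 9 and 33: give up fast while alternatives remain, wait longer on the last."""
        return LAST_RESORT_TIMEOUT if untried == 0 else QUICK_TIMEOUT

    def connect(self, host):
        """Return (connected ip or None, ips tried in order)."""
        alist = self._address_list(host)
        queue = self._candidates(alist)
        tried = []
        while queue:
            entry = queue.pop(0)
            tried.append(entry.ip)
            if self.connector(entry.ip, self.timeout_for(len(queue))):
                return entry.ip, tried
            # No reply within the timeout: mark every entry carrying this IP "Bad",
            # timestamp it, and move on to the next entry.
            for e in alist.entries:
                if e.ip == entry.ip:
                    e.status, e.bad_since = "Bad", self.clock()
        return None, tried


def demo():
    """Walk a primary/backup list through failure, avoidance and recovery of the primary."""
    down = {"192.0.2.1"}                  # constructed: the primary is down
    lookups = []                          # how often the name service was asked
    clock = [1_000_000.0]                 # constructed clock, advanced by hand

    def resolver(host):                   # constructed name-service answer
        lookups.append(host)
        return "ordered", ["192.0.2.1", "192.0.2.2", "192.0.2.3"]

    client = HALClient(resolver, lambda ip, timeout: ip not in down, clock=lambda: clock[0])
    first = client.connect("www.example.com")   # primary fails, first backup answers
    second = client.connect("www.example.com")  # primary skipped while marked Bad
    down.clear()
    clock[0] += BAD_RETRY_SECONDS
    third = client.connect("www.example.com")   # retry interval over, primary restored
    clock[0] += LIST_MAX_AGE_SECONDS
    client.connect("www.example.com")           # cached list is stale, so it is re-fetched
    return first, second, third, len(lookups)


if __name__ == "__main__":
    print(demo())
```

Because the name service and the connect attempt are injected as callbacks and the clock is a parameter, the hourly and daily policies can be checked without any network traffic: `demo()` shows the primary failing over to the first backup, being skipped on the next request while marked Bad, and being used again once the retry interval has passed, after which the day-old list is fetched anew.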
[57] ABSTRACT 

A dedicated data packet filtering processor whose only 
function is to filter data packets based on a list of source IP 
addresses stored in high-speed memory of the processor. The 
processor has a specialized operating system which controls 
the operation of the processor. The processor examines the 
source IP address of each received data packet to determine 
if the source IP address matches one of the stored source IP 
addresses, and if there is a match, either discards or forwards 
the data packet depending on the processor configuration. 
The list of source IP addresses is updated by a service 
provider having a central administrative site. The service 
provider keeps these lists up to date and periodically updates 
the source IP addresses stored in the random access memory 
of the dedicated IP filtering processors. 
APPARATUS FOR FILTERING PACKETS USING A DEDICATED PROCESSOR 

FIELD OF THE INVENTION 

The invention relates to packet filters in general. More particularly, the invention relates to a method and apparatus for filtering data packets using a dedicated processor and a list of source addresses stored in high-speed memory, as well as a means for periodically updating the list of source addresses to ensure the list is kept current. 

BACKGROUND OF THE INVENTION 

Many companies and individual homes have access to the Internet and, in particular, the World Wide Web (WWW). With the growing number of Internet sites, there is also a growing number of sites which provide content that some companies may deem inappropriate for the workplace. Similarly, there are many Internet sites which provide content that parents may deem inappropriate for young children. 

Data packet filters are currently available which filter out data packets from certain Internet sites. On the commercial side, these filters are often implemented as part of a router or "firewall." On the individual side, these filters are implemented as programs which run on a personal computer and operate in conjunction with individual browser software. Both the commercial and individual filters operate by storing lists of prohibited source addresses, such as Internet Protocol (IP) addresses, and filtering out any data packets received from a site with a prohibited source IP address. One problem with the currently available filters is that there is a performance degradation as the list of prohibited source IP addresses grows. Another problem is the administration of prohibited source IP address lists. Internet sites are being added and changed every day, and it is very difficult to keep a prohibited source IP address list up to date. 

One example of a conventional data packet filter is described in U.S. Pat. No. 5,606,668 titled "System for Securing Inbound and Outbound Data Packet Flow in a Computer Network." The '668 patent relates to computer network security and the control of information flow between internal and external network destinations. The patent broadly describes prior art packet filtering using access list tables. The patent is directed to a filter module which provides network security by specifying security rules for network traffic and accepting or dropping data packets according to the security rules. The rules are implemented in packet filter code which is executed by packet filter modules located at various locations within the network. 

The packet filter disclosed in the '668 patent, however, is less than satisfactory for a number of reasons. In accordance with the disclosure of the '668 patent, the packet filter modules are embodied as "virtual machines" residing on existing network host computers. Thus, these filters are software modules executing on existing network computers, and are not separate dedicated filtering processors. Further, this patent fails to describe a method for administering and updating the access list tables. In addition, the packet filter disclosed in the '668 patent is implemented between the data link layer and network layer of the International Standardization Organization (ISO) protocol stack as set forth in ISO standard 7498 titled "Basic Reference Model for Open Systems Interconnection" (1984). Therefore, the packets must unnecessarily pass through the protocols set forth for the data link layer before being filtered, which slows down the processing speed of the packet filter. 

Another example of a conventional data packet filter is shown in U.S. Pat. No. 5,615,340 titled "Network Interfacing Apparatus and Method Using Repeater and Cascade Interface with Scrambling." The '340 patent relates to interfacing nodes in a network. Each node is associated with a plurality of working ports. When a node receives an incoming data packet, the destination address of the data packet is compared against a stored address table to determine if the data packet is destined for a working port associated with the node. The node will only transmit the data packet to the node's working ports if there is a match. Similarly, when a node receives an outgoing data packet, the destination address of the data packet is compared against the stored address table to determine if the data packet is [illegible] associated with the node. If there is a match, then the node will transmit the data packet back [illegible]. Otherwise, the node will transmit the data packet [illegible]. [Illegible] unwanted data packets, but is instead used for [illegible]. [Illegible], the '340 patent fails to disclose a means for updating the source address list. 

From the foregoing, it can be appreciated that a substantial need exists for a high performance data packet filter [illegible] IP addresses, [illegible] an efficient way to administer source IP address lists. 

SUMMARY OF THE INVENTION 

One embodiment of the present invention proposes a dedicated data packet filtering processor whose only function is to filter data packets based on a list of source IP addresses stored in high-speed memory of the processor. The processor has a specialized operating system which controls operation of the processor. The only function of the processor is to look at the source IP address of each received data packet to determine if the source IP address matches one of the stored source IP addresses, and if there is a match, to either discard or forward the data packet depending on the processor configuration. Since the processor is dedicated to one task, it can perform the filtering process very quickly and efficiently. In various embodiments, the filtering processor may be used in conjunction with a local area network and many end users (such as in a commercial or business environment), or a single end user computer (such as in a home environment). Further, the filtering processor may be connected to the Internet via wired connections or wireless connections, such as a fixed wireless network. 

With these and other advantages and features of the invention that will become hereinafter apparent, the nature of the invention may be more clearly understood by reference to the following detailed description of the invention, appended claims and to the several drawings attached herein. 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 illustrates a network topology suitable for practicing one embodiment of the invention. 

FIG. 2 is a block diagram of a packet filter processor in accordance with one embodiment of the invention. 

FIG. 3 is a block flow diagram of steps for filtering data packets in accordance with one embodiment of the invention. 

FIG. 4 is a block diagram of a list server in accordance with one embodiment of the invention. 

DETAILED DESCRIPTION 

Referring now in detail to the drawings wherein like parts are designated by like reference numerals throughout, there 
is illustrated in FIG. 1 a network topology suitable for practicing one embodiment of the invention. As shown in FIG. 1, a first network 10 is connected to a router 12. Router 12 is in turn connected to a packet filter processor 14. Packet filter processor 14 is connected to a second network 16 and an end-user terminal 18. 

Networks 10 and 16 are packet based networks such as Transmission Control Protocol/Internet Protocol (TCP/IP) networks or X.25 networks. A packet originates from network 10 with an intended destination to network 16 or end-user terminal 18. Both the source and destination addresses are included in the packet. 

It is worthy to note that the network topology shown in FIG. 1 is exemplary only. The possible number of network configurations is virtually limitless, the design of which is well-known in the art. The present invention may work on any network configuration utilizing packet technology for transporting voice, image or data signals. 

The placement of packet filter processor 14 in a network is also variable depending on where a network designer would desire to control the in-flow or out-flow of packets between networks or network devices. In this embodiment of the invention, packet filter processor 14 is positioned at the only entry and exit point of either network 10 or 16, thereby controlling which packets enter either network. It can be appreciated, however, that packet filter processor 14 could be placed on an individual network device, such as a personal computer, thereby controlling the flow of packets only to the personal computer, or in any other strategic point within a network. 

FIG. 2 is a block diagram of a packet filter processor in accordance with one embodiment of the invention. As shown in FIG. 2, Local Area Network (LAN) interface (I/F) connectors 20 and 48 are coupled to network interface cards 22 and 46, respectively. Connector 20 and card 22 are used to interface with network 10, and to accept packets originating from network 10. Connector 48 and card 46 are used to interface with network 16 or end-user terminal 18, and to accept packets originating from network 16 or terminal 18. Connectors 20 and 48, as well as cards 22 and 46, operate in accordance with principles well-known in the art. Further, cards 22 and 46 are designed to adhere to the Institute of Electrical and Electronics Engineers (IEEE) standard titled "Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications, American National Standard ANSI/IEEE Standard 802.3, 1985 ("IEEE 802.3 standard"). The IEEE 802.3 standard defines a technique referred to as CSMA/CD, which is appropriate for a network having a bus/tree topology. It can be appreciated, however, that network interfaces designed to work with other medium access techniques or standards could be used for packet filter processor 14, and still fall within the scope of the invention. 

Cards 22 and 44 are connected to one another, and also to First In First Out (FIFO) buffers 24 and 44, respectively. FIFO buffers 24 and 44 are used to store incoming or outgoing packets in memory until each packet can be compared and sent to networks 10 or 16. 

Packet filter processor 14 also includes several types of high-speed memory. By way of example, this embodiment of the invention includes a 96 kilobyte (K) Programmable Read Only Memory (PROM) 40, a 32K Non-Volatile Random Access Memory (NVRAM) 42, and a Dynamic Random Access Memory (DRAM) bank 32. There is also a DRAM control 30 for DRAM bank 32. 

Each type of memory is used to store data for packet filter processor 14. For example, PROM 40 is used to store an operating system 39 for packet filter processor 14. NVRAM 42 is used to store user defined parameters 45, and operating system parameters 43 used by the operating system stored in PROM 40. DRAM bank 32 is used to store an address list 33 of source IP addresses. 

The heart of packet filter processor 14 is a dedicated high performance microprocessor 38. Any microprocessor capable of operating at the speeds necessary to implement [illegible] packet filter processor is appropriate. Examples of processors suitable to practice the invention [illegible] Pentium®, Pentium® Pro, and Pentium® II microprocessors. 

Packet filter processor 14 also includes a connector 34 and interface 36, both of which are attached to processor 38. Connector 34 and interface 36 both adhere to Electronic Industries Association (EIA) Standard RS-232-C titled "Interface Between Data Terminal Equipment and Data Communication Equipment Employing Serial Binary Data Interexchange," October, 1969. Finally, packet filter processor 14 includes a clock 26 and clock counter 28 to control the timing of packet filter processor 14. 

Packet filter processor 14 operates in accordance with operating system 39, which is comprised of a set of computer program instructions which are stored in PROM 40. Since a list of source IP addresses can include a large number of addresses, e.g., ranging from hundreds to several thousand, the processing time required to compare a source IP address of an incoming packet with a list of several thousand source IP addresses is enormous, and significantly degrades the performance of many conventional packet filters. According to the principles of the present invention, however, packet filter processor 14 combines the elements of a high-speed microprocessor, a source IP address list stored in high-speed memory, and a dedicated proprietary operating system, to ensure that data packets can be filtered at a high rate of speed. 

Operating system 39 is designed to control the operation of the processor. More particularly, operating system 39 is designed such that the processor is directed to look at the source IP address of each received data packet to determine if the source IP address matches one of the stored source IP addresses, and if there is a match, to either discard or forward the data packet depending on the processor configuration. Since operating system 39 and processor 38 are dedicated to one task, packet filter processor 14 can perform the filtering process very quickly and efficiently. The operation of operating system 39, and of packet filter processor 14 in general, will be described in more detail with reference to FIG. 3. 

Another reason packet filter processor 14 is so efficient is that packet filter processor 14 is implemented between the physical layer and data link layer of the ISO 7498 protocol stack. The significance of this implementation can be better appreciated in view of some background information of network architectures in general. 

A network architecture defines protocols, message formats, and standards to which products must conform in order to connect properly with the network. Architectures are developed by standards organizations, common carriers, and computer and network vendors. Network architectures use a layered approach, whereby functions are organized into groups and assigned to specific functional layers in the architecture. Network architectures define the interfaces between layers in a given network node and within the same layer in two different nodes. 
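The behaviour just described for operating system 39 (read the source IP address of each received packet, look it up in the stored address list, and discard or forward the packet depending on the processor configuration) is shown below as an added Python example written for this page; it is not the patent's code and not any product's firmware. It implements both configurations the detailed description goes on to call permissive (drop only listed sources) and restrictive (pass only listed sources), keeps the list in a hash set so the per-packet cost does not grow with the list size the text identifies as the bottleneck, and counts list hits the way step 58 of FIG. 3 records an attempt. The class and function names, the frame builder, the decision to treat a frame without an IPv4 source address as a non-match, and the sample addresses from the 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24 documentation ranges are assumptions.

```python
"""Source-IP packet filter with permissive and restrictive modes.

Added example for this page, not the patent's code. Names (PacketFilter,
FilterStats, ipv4_frame) and the handling of non-IPv4 frames are assumptions.
"""
import ipaddress
import struct
from dataclasses import dataclass

ETHERTYPE_IPV4 = 0x0800
ETH_HDR = 14           # Ethernet II header length
IPV4_SRC_OFFSET = 12   # source address offset inside the IPv4 header


@dataclass
class FilterStats:
    matched: int = 0   # list hits, recorded like "step 58" in the description
    passed: int = 0
    dropped: int = 0


class PacketFilter:
    """Forwards or discards frames based only on their IPv4 source address."""

    def __init__(self, address_list, mode="permissive"):
        if mode not in ("permissive", "restrictive"):
            raise ValueError("mode must be 'permissive' or 'restrictive'")
        self.mode = mode
        self.stats = FilterStats()
        self.update_list(address_list)

    def update_list(self, address_list):
        """Replace the stored list (the periodic update from the administrative site).

        A hash set costs one lookup per packet however many addresses are stored,
        instead of a linear scan over several thousand entries.
        """
        self.addresses = frozenset(int(ipaddress.IPv4Address(a)) for a in address_list)

    @staticmethod
    def source_ip(frame: bytes):
        """Return the IPv4 source address (as an int) of an Ethernet II frame, or None."""
        if len(frame) < ETH_HDR + 20:
            return None
        (ethertype,) = struct.unpack_from("!H", frame, 12)
        if ethertype != ETHERTYPE_IPV4:
            return None
        (src,) = struct.unpack_from("!I", frame, ETH_HDR + IPV4_SRC_OFFSET)
        return src

    def decide(self, frame: bytes) -> str:
        """Return "pass" or "drop" for one frame and update the counters."""
        src = self.source_ip(frame)
        match = src is not None and src in self.addresses
        if match:
            self.stats.matched += 1
        # Permissive: everything passes except listed sources.
        # Restrictive: only listed sources pass. (Assumed: a frame with no IPv4
        # source address counts as "no match" in both modes.)
        if self.mode == "permissive":
            verdict = "drop" if match else "pass"
        else:
            verdict = "pass" if match else "drop"
        if verdict == "pass":
            self.stats.passed += 1
        else:
            self.stats.dropped += 1
        return verdict


def ipv4_frame(src: str, dst: str, payload: bytes = b"") -> bytes:
    """Constructed Ethernet II frame with a minimal IPv4 header (checksum left zero;
    the frame is only fed to the filter, never transmitted)."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)        # MACs zeroed
    ip_hdr = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(payload), 0, 0, 64, 6, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    return eth + ip_hdr + payload


def demo():
    """Run the same three frames through both modes; returns the verdicts per mode."""
    blocked = ["198.51.100.7", "203.0.113.9"]                 # constructed address list
    frames = [
        ipv4_frame("198.51.100.7", "192.0.2.1"),              # listed source
        ipv4_frame("192.0.2.50", "192.0.2.1"),                # unlisted source
        bytes(12) + struct.pack("!H", 0x0806) + bytes(28),    # ARP frame, not IPv4
    ]
    results = {}
    for mode in ("permissive", "restrictive"):
        pf = PacketFilter(blocked, mode)
        results[mode] = [pf.decide(f) for f in frames]
    return results


if __name__ == "__main__":
    print(demo())
```

The same list yields opposite verdicts in the two modes, which is why the mode setting deserves the same change control as the list itself: with an empty list, permissive mode passes everything and restrictive mode drops everything, including the non-IPv4 traffic shown in `demo()`.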
OSI provides a generalized model of system interconnection. It encompasses seven layers: application, presentation, session, transport, network, data link, and physical. A brief summary for each layer is given as follows: 

1. Physical Layer 

The physical layer is responsible for the transmission of a bit stream across a particular physical transmission medium. It involves a connection between two machines that allows electrical signals to be exchanged between them. 

2. Data Link Layer 

The data link layer is responsible for providing reliable data transmission from one node to another and for shielding higher layers from any concerns about the physical transmission medium. It is concerned with the error free transmission of frames of data. 

3. Network Layer 

The network layer is concerned with routing data from one network node to another. It is responsible for establishing, maintaining, and terminating the network connection between two users and for transferring data along that connection. 

4. Transport Layer 

The transport layer is responsible for providing data transfer between two users at an agreed on level of quality. 

5. Session Layer 

The session layer focuses on providing services used to organize and synchronize the dialog that takes place between users and to manage data exchange. 

6. Presentation Layer 

The presentation layer is responsible for the presentation of information in a way that is meaningful to the network users, e.g., character code translation, data conversion, or data compression or expansion. 

7. Application Layer 

The application layer provides a means for application processes to access the system interconnection facilities in order to exchange information. 

Packet filter processor 14 is implemented between the physical layer and data link layers described above, in order to increase the speed at which packets are filtered. The 

interface card 22 which is designed to convert the electrical impulses received over the physical transmission media into packets conforming to the standards set forth in IEEE 802.3. The packet is stored in FIFO 24. 

Processor 38 reads the source IP address for the packet at step 52, and compares the source IP address with list 33, which is stored in DRAM bank 32, at step 54. List 33 is stored in DRAM bank 32 in order to increase the speed at which data from the list could be retrieved by processor 38, as compared to, e.g., when data is stored on some other [illegible]. 

Step 56 comprises a test to determine whether there is a match at step 54. If there is a match at step 54, then packet filter processor 14 records the attempt at step 58 before passing control to step 60. If there is not a match at step 54, then control is directly passed to step 60. 

Packet filter processor 14 determines whether the packet should be passed at step 60. The decision whether to pass the packet or not is dependent upon the mode in which processor 14 is currently configured. Packet filter processor 14 has a restrictive mode and a permissive mode. Restrictive mode refers to a condition where a select number of packets are to be passed, and all others blocked. Permissive mode is where all packets are to be passed except for a select few that require blocking. Thus, in permissive mode, the packet is passed if the source IP address for a packet does not match an address on list 33. If there is a match, packet filter processor 14 drops the packet. In restrictive mode, the packet is passed if the source IP address does match an address from list 33, and is dropped otherwise. 

At step 60, packet filter processor 14 determines whether the packet should be passed depending on whether processor 14 has been set to permissive mode or restrictive mode. If processor 14 has been set to restrictive mode, and there is a match at step 56, then the packet is passed at step 62 to the destination network which in this embodiment of the invention is network 16 or terminal 18. If processor 14 has been set to restrictive mode, and there is not a match at step 56, then the packet is dropped at step 64. Conversely, if pro- 

physical layer is responsible for data encoding and decod- 40 cessor 14 has been set to permissive mode, and there is a 

ing. Data encoding refers to translating the bits being match at step 56, then the packet is dropped at step 64. If 

transmitted into the proper elecUical signals to be sent across processor 14 has been set to permissive mode, and there is 

the transmission medium. Data decoding translates the elec- not a match at step 56, then the packet is passed to the 

trical signals received over the transmission medium into the destination network at step 62. In this embodiment of the 

bit stream those signals represent. The data link layer is 45 invention, a default condition is that no feedback is given to 

concerned with data encapsulation/decapsulation and media the system sending the packets for security reasons if a 

access management. These functions, however, are not nec- packet is dropped at step 64. It can be appreciated, however, 

essary for identifying the source address of the packet. For that this default condition can be changed and still fall within 

example, data decapsulation is the function of recognizing the scope of the invention. 

the destination address, determining if it matches the receiv- 50 In accordance with the system administration aspects of 

ing station's address, performing error checking, and remov- the invention, a service provider administers a database of 

ing control information that was added by the data encap- source IP address lists. Each list may contain the IP 

sulation function in the sending station. Therefore, by addresses of particular types of Internet sites. The service 

implementing packet filter processor 14 between the physi- provider keeps these lists up to data and periodically updates 

cal layer and data link layer, processor 14 can maximize the 55 list 33 stored in DRAM bank 32 of packet filter processor 14. 

speed at which it filters each packet. In this manner, end users can be assured that the source IP 

nc 3 illustrates a block flow diagram of steps for address lists stored in their filtering processor are up to date, 

filtering data packets in accordance with one embodiment of List 33 can be updated in at least two ways. First, list 33 

the invention. The description with respect to FIG. 3 will could be updated by connecting Data Terminal Equipment 

assume that a packet is originating from network 10 and has 60 (DTE) such as an asynchronous (ASCII) terminal (or per- 

an intended destination address that is within network 16. It sonal computer emulating an asynchronous terminal) to 

can be appreciated, however, that the operation of packet RS-232 connector 34 of packet filter processor 14. This 

filter processor 14 is identical when the packet originates method would enhance security when updating list 33. 

from network 16 or terminal 18 and has an intended desti- Alternatively, a network connection is formed with a 

nation address within network 10. 65 central administrative site equipped with a list server 70, 

Packet filter processor 14 receives a packet at step 50. preferably through an Internet Service Provider (ISP) using 

Connector 20 receives the packet and passes the packet to a direct network connection or via RS-232 connector 34. 
List 33 is then updated from the central administrative site, either at the request of the list server 70 of the administrative site, or at the request of packet filter processor 14. List server 70 is described in more detail with reference to FIG. 4.
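The FIG. 3 flow above (steps 50 through 64) is small enough to write out in full. The following is an added example, not code from the patent: it reads the IPv4 source address straight out of a raw Ethernet frame at the header offsets (nothing above the data link layer is consulted, which is the point of placing the filter where the patent does), compares it with list 33, records matches as step 58 requires, and applies the restrictive/permissive decision table. Two things go beyond the text and are assumptions: list entries may be CIDR prefixes as well as single hosts, and a frame that carries no IPv4 source (an ARP frame, for instance) is treated as unmatched, so it is dropped in restrictive mode and passed in permissive mode. Ethernet II framing and the sample traffic are constructed for the demonstration.

```python
"""Added example (not the patent's code): source-address filtering modelled on
the FIG. 3 flow, steps 50 through 64, with restrictive and permissive modes."""
import ipaddress
import struct
from dataclasses import dataclass, field
from enum import Enum

ETHERTYPE_IPV4 = 0x0800  # Ethernet II type field for IPv4 (framing assumption)


class Mode(Enum):
    RESTRICTIVE = "restrictive"  # pass only packets whose source is on list 33
    PERMISSIVE = "permissive"    # pass everything except sources on list 33


def source_ipv4(frame):
    """Step 52: read the IPv4 source address from a raw Ethernet II frame.

    Returns None for frames that are too short, not IPv4, or not version 4.
    Only fixed header offsets are used; no decapsulation or checksum work is
    done, matching the filter's placement below the data link layer."""
    if len(frame) < 14 + 20:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_IPV4:
        return None
    ip_header = frame[14:34]
    if ip_header[0] >> 4 != 4:
        return None
    return ipaddress.IPv4Address(ip_header[12:16])


@dataclass
class PacketFilter:
    mode: Mode
    list33: list                                  # IPv4Network entries; hosts are /32
    attempts: list = field(default_factory=list)  # step 58 records (matched sources)

    @classmethod
    def from_entries(cls, mode, entries):
        return cls(mode, [ipaddress.ip_network(e, strict=False) for e in entries])

    def matches(self, addr):
        """Step 54: compare the source address with list 33. CIDR entries
        generalise the patent's host-address list (assumption)."""
        return any(addr in net for net in self.list33)

    def decide(self, frame):
        """Steps 50-64: return "pass" or "drop". Nothing is sent back to the
        source on a drop, the patent's default for security reasons."""
        addr = source_ipv4(frame)
        # A frame with no IPv4 source cannot match (assumption): it is dropped
        # in restrictive mode and passed in permissive mode.
        matched = addr is not None and self.matches(addr)  # step 56
        if matched:
            self.attempts.append(str(addr))                 # step 58
        if self.mode is Mode.RESTRICTIVE:                   # step 60
            return "pass" if matched else "drop"
        return "drop" if matched else "pass"

    def replace_list(self, entries):
        """Replication from list server 70 replaces the whole list, it does not merge."""
        self.list33 = [ipaddress.ip_network(e, strict=False) for e in entries]


def make_frame(src_ip, dst_ip="192.0.2.10", payload=b""):
    """Build a minimal Ethernet II + IPv4 frame (constructed test input; the IP
    checksum is left zero because the filter never verifies it)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
    eth += struct.pack("!H", ETHERTYPE_IPV4)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                         ipaddress.IPv4Address(src_ip).packed,
                         ipaddress.IPv4Address(dst_ip).packed)
    return eth + ip_hdr + payload


def run_demo():
    """Run constructed traffic through both modes; returns the decisions and step 58 log."""
    samples = {
        "listed_host": make_frame("198.51.100.7"),
        "listed_net": make_frame("203.0.113.200"),
        "unlisted": make_frame("192.0.2.1"),
        "non_ip": bytes(12) + struct.pack("!H", 0x0806) + bytes(28),  # ARP frame
    }
    entries = ["198.51.100.7", "203.0.113.0/24"]  # constructed list 33
    results = {}
    for mode in Mode:
        pf = PacketFilter.from_entries(mode, entries)
        results[mode.value] = {name: pf.decide(frame) for name, frame in samples.items()}
        results[mode.value]["attempts"] = list(pf.attempts)
    return results


if __name__ == "__main__":
    for mode, outcome in run_demo().items():
        print(mode, outcome)
```

Note that the step 58 record is written whenever the source matches, in either mode: in restrictive mode it logs accepted allowlisted senders, in permissive mode it logs blocked ones, which is the only trace the sender's silence leaves.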

FIG. 4 is a block diagram of a list server suitable for practicing one embodiment of the invention. List server 70 comprises a main memory module 72, a central processing unit (CPU) 74, a system control module 82, a bus adapter 76, a list replication module 78, and a user interface module 80, each of which is connected to a CPU/memory bus 84 and an Input/Output (I/O) bus 86 via bus adapter 76. Further, list server 70 contains multiple I/O controllers 88, as well as an external memory 90, a database 92 and a network interface 94, each of which is connected to I/O bus 86 via I/O controllers 88.

The overall functioning of list server 70 is controlled by CPU 74, which operates under the control of executed computer program instructions that are stored in main memory 72 or external memory 90. Both main memory 72 and external memory 90 are machine readable storage devices. The difference between main memory 72 and external memory 90 is that CPU 74 can typically access information stored in main memory 72 faster than information stored in external memory 90. Thus, for example, main memory 72 may be any type of machine readable storage device, such as random access memory (RAM), read only memory (ROM), programmable read only memory (PROM), erasable programmable read only memory (EPROM), or electronically erasable programmable read only memory (EEPROM). External memory 90 may be any type of machine readable storage device, such as magnetic storage media (e.g., a magnetic disk) or optical storage media (e.g., a CD-ROM). Further, list server 70 may contain various combinations of machine readable storage devices through other I/O controllers, which are accessible by CPU 74, and which are capable of storing a combination of computer program instructions and data.

CPU 74 includes any processor of sufficient processing power to perform the functionality found in list server 70. Examples of CPUs suitable to practice the invention include the INTEL family of processors, such as the Pentium®, Pentium® Pro, and Pentium® II microprocessors.

Network interface 94 is used for communications between list server 70 and a communications network, such as the Public Switched Telephone Network (PSTN) or the Internet. Network interface 94 supports appropriate signaling, ringing functions and voltage levels, in accordance with techniques well known in the art.

I/O controllers 88 are used to control the flow of information between list server 70 and a number of devices or networks such as external memory 90, database 92 and network interface 94. System control module 82 includes human user system control and operation. Bus adapter 76 is used for transferring data back and forth between CPU/memory bus 84 and I/O bus 86.

List replication module 78 and user interface module 80 implement the main functionality of list server 70. It is noted that modules 78 and 80 are shown as separate functional modules in FIG. 4. It can be appreciated, however, that the functions performed by these modules can be further separated into more modules, combined together to form one module, or distributed throughout the system, and still fall within the scope of the invention. Further, the functionality of these modules may be implemented in hardware, software, or a combination of hardware and software, using well-known signal processing techniques.



List server 70 operates as follows. A profile is established for each packet filter processor customer subscribing to the list updating service. The profile contains a copy of list 33 for each packet filter processor. List 33 at list server 70 is updated with new source IP addresses on a periodic basis. Similarly, old or invalid source IP addresses are removed from list 33 on a periodic basis.

The updating of list 33 at list server 70 can be accomplished in two ways. First, the central administrator for list server 70 obtains new source IP address information from various sources, such as service providers or search robots specializing in gathering source IP addresses by category, e.g., telemarketers, adult material, advertising entities, hate groups, and so forth. The central administrator for list server 70 then updates list 33 at list server 70 with the new source IP address information in a timely manner, e.g., within hours of receiving the new information. Second, the user of a packet filter processor can access list server 70 via user interface module 80, and perform updates to list 33 at list server 70 directly. The user could update list server 70 in a variety of ways, such as adding, deleting or modifying the source IP addresses of list 33 stored in database 92 of list server 70.

Once list 33 at list server 70 is updated, list replication module 78 sends the updated list 33 to each packet filter processor according to the profile of that packet filter processor. The profile for each packet filter processor contains information regarding when and how often list 33 at list server 70 is to be replicated to the packet filter processor. For example, list 33 at list server 70 can be replicated to a packet filter processor on a periodic basis, such as every day at a certain time, or whenever a change to list 33 at list server 70 is performed. In addition, a user of a packet filter processor may request an update of list 33, such as when the user has modified list 33 at server 70, or in the event list 33 at the packet filter processor has become corrupted or lost.
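The profile-driven replication just described, and the category lists of the following paragraph, can be sketched as a small list server. This is an added example, not the patent's code. Profiles carry either an "on_change" or a "daily" schedule; administrator or user updates replace the server-side copy of list 33, and replication always overwrites the device copy rather than merging into it. The recovery path for a corrupted or lost device copy is modelled with a digest comparison, which is an assumption: the patent says only that the user may request an update. Customer names, category contents, and the clock values are constructed for the demonstration.

```python
"""Added example (not the patent's code): list server 70 with per-customer
profiles, on_change/daily replication, category lists, and a resync check."""
import hashlib
from dataclasses import dataclass, field
from datetime import datetime, time, timedelta
from typing import Optional


def list_digest(entries):
    """Order-independent digest of a list copy; used to detect a corrupt or
    lost copy on the packet filter processor (assumption, not in the patent)."""
    canon = "\n".join(sorted(set(entries))).encode()
    return hashlib.sha256(canon).hexdigest()


@dataclass
class Profile:
    customer: str
    schedule: str                         # "on_change" or "daily"
    daily_at: Optional[time] = None       # time of day for "daily" profiles
    last_push: Optional[datetime] = None
    entries: list = field(default_factory=list)  # server-side copy of list 33


@dataclass
class FilterDevice:
    """Stand-in for the DRAM copy of list 33 in one packet filter processor."""
    entries: list = field(default_factory=list)

    def digest(self):
        return list_digest(self.entries)


class ListServer:
    def __init__(self):
        self.categories = {}   # pre-established lists by category (database 92)
        self.profiles = {}
        self.devices = {}
        self.pushes = []       # (customer, reason) audit trail of replications

    def define_category(self, name, entries):
        self.categories[name] = sorted(set(entries))

    def enroll(self, customer, device, schedule, now, daily_at=None, categories=()):
        """Create a profile from the requested categories and push the initial list."""
        entries = sorted({e for c in categories for e in self.categories[c]})
        self.profiles[customer] = Profile(customer, schedule, daily_at, None, entries)
        self.devices[customer] = device
        self._push(customer, "enroll", now)

    def _push(self, customer, reason, now):
        prof = self.profiles[customer]
        self.devices[customer].entries = list(prof.entries)  # replace, never merge
        prof.last_push = now
        self.pushes.append((customer, reason))

    def update(self, customer, now, add=(), remove=()):
        """Add or delete source addresses; on_change profiles are pushed at once."""
        prof = self.profiles[customer]
        current = set(prof.entries)
        current.difference_update(remove)
        current.update(add)
        prof.entries = sorted(current)
        if prof.schedule == "on_change":
            self._push(customer, "change", now)

    def run_scheduled(self, now):
        """Periodic pass: push each daily profile once per day after its set time."""
        for customer, prof in self.profiles.items():
            if prof.schedule != "daily":
                continue
            due = datetime.combine(now.date(), prof.daily_at)
            if now >= due and (prof.last_push is None or prof.last_push < due):
                self._push(customer, "daily", now)

    def resync_if_stale(self, customer, now):
        """User-requested update: re-push only if the device copy differs."""
        prof = self.profiles[customer]
        if self.devices[customer].digest() != list_digest(prof.entries):
            self._push(customer, "resync", now)
            return True
        return False


def run_demo():
    """Exercise both schedules and the resync path with a constructed clock."""
    t0 = datetime(2024, 1, 1, 8, 0)
    srv = ListServer()
    srv.define_category("telemarketers", ["198.51.100.7", "198.51.100.8"])
    srv.define_category("adult", ["203.0.113.0/24"])
    acme, globex = FilterDevice(), FilterDevice()
    srv.enroll("acme", acme, "on_change", t0, categories=["telemarketers", "adult"])
    srv.enroll("globex", globex, "daily", t0, daily_at=time(2, 0), categories=["telemarketers"])
    srv.update("acme", t0, add=["192.0.2.99"], remove=["198.51.100.8"])   # pushed now
    srv.update("globex", t0, add=["192.0.2.99"])                          # waits for 02:00
    srv.run_scheduled(t0 + timedelta(hours=1))          # same day: not due again
    globex_before = list(globex.entries)
    srv.run_scheduled(t0 + timedelta(hours=18, minutes=30))  # next day 02:30: pushed
    acme.entries = []                                   # simulate a lost device copy
    resynced = srv.resync_if_stale("acme", t0 + timedelta(days=1))
    return {"acme": acme.entries, "globex": globex.entries,
            "globex_before": globex_before, "pushes": srv.pushes, "resynced": resynced}


if __name__ == "__main__":
    print(run_demo())
```

The digest check makes a user-requested update cheap to honour safely: a device whose copy already matches the server is not rewritten, while a corrupted or emptied copy is restored from the server-side profile rather than from whatever the device still holds.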

In addition to updating existing lists for packet filter 
processors, list server 70 has predetermined lists of source IP 
addresses by category. For example, a list of source IP 
addresses for all Internet sites containing adult material can 
be pre-established, and therefore readily replicated to a 
packet filter processor by a user simply accessing the central 
administrative site and making a request. Other lists for 
telemarketing firms, non-business related web sites, a com- 
petitor's network devices, government web sites, and so 
forth, could also be pre-established and made available for 
a user of the packet filter processor. 

Although various embodiments are specifically illustrated and described herein, it will be appreciated that modifications and variations of the present invention are covered by the above teachings and within the purview of the appended claims without departing from the spirit and intended scope of the invention. For example, although a specific network topology has been illustrated in FIG. 1, it can be appreciated that any type of network configuration would be suitable for practicing the various embodiments of the present invention. In another example, although specific equipment was illustrated in FIG. 2 for a particular type of medium access technique, it can be appreciated that the packet filter processor shown in FIG. 2 can be modified to include equipment for any type of medium access technique, such as IEEE 802.2, 802.4, 802.5, 802.12 and so forth, and still fall within the scope of the invention.

What is claimed is: 

1. An apparatus for filtering packets sent from a first network to a second network, comprising:

an input means coupled to said first network for receiving data packets from the first network, said data packets having an origination address;

a first buffer coupled to said input means for storing said received packet;

a first memory segment containing a list of origination addresses;

a second memory segment for storing an operating system program for comparing origination addresses for said received data packets with said list;

a processor coupled to said first buffer, said first memory segment and said second memory segment for executing said operating system program in between physical layer and data link layer of a protocol stack followed by said processor; and

an output means coupled to said first buffer for forwarding said compared data packets to the second network based on said comparison.

2. The apparatus of claim 1, further comprising a second buffer for storing said compared data packets prior to forwarding said compared data packets to the second network.

3. The apparatus of claim 2, wherein said first memory 
comprises dynamic random access memory. 

4. The apparatus of claim 3, further comprising a non-volatile random access memory for storing parameters used by said operating system program.

5. The apparatus of claim 4, further comprising means for 
receiving an updated list of origination addresses. 

6. The apparatus of claim 5, wherein said means for receiving comprises an asynchronous terminal device and a serial port coupled to said dynamic random access memory.

7. The apparatus of claim 5, wherein said means for 
receiving comprises a network interface card coupled to said 
dynamic random access memory. 

8. The apparatus of claim 1, wherein said first network is a fixed wireless network, and said input means comprises means for receiving said data packets from said fixed wireless network.

9. The apparatus of claim 1, wherein said output means comprises means for forwarding data packets to a single end user terminal.

10. The apparatus of claim 1, wherein said second network is a local area network, and said output means comprises means for forwarding data packets to said local area network.

11. An apparatus for filtering packets sent from a first network to a device, comprising:

an input means coupled to said first network for receiving data packets from the first network, said data packets having an origination address;

a first buffer coupled to said input means for storing said received packet;

a first memory segment containing a list of origination addresses;

a second memory segment for storing an operating system program for comparing origination addresses for said received data packets with said list;

a processor coupled to said first buffer, said first memory segment and said second memory segment for executing said operating system program in between physical layer and data link layer of a protocol stack followed by said processor; and

an output means coupled to said first buffer for forwarding said compared data packets to the device based on said comparison.

12. A method for filtering a packet sent from a first 
network to a second network, comprising: 

receiving a data packet from the first network; 

determining an origination address for said data packet; 

comparing the origination address for said received data 
packet with a list of origination addresses, wherein said 
comparing is performed in between physical layer and 
data link layer of a protocol stack followed by said 
processor; and 

determining whether to forward said compared data 
packet to the second network based on said compari- 
son. 

13. The method of claim 12, further comprising: 
forwarding said compared data packet to the second 

network if the origination address for said compared 
data packet matches an origination address on the list of 
origination addresses. 

14. The method of claim 12, further comprising:
forwarding said compared data packet to the second network if the origination address for said compared data packet does not match an origination address on the list of origination addresses.

15. The method of claim 12, further comprising: 
determining not to forward said compared data packet to 

the second network if the origination address for said 
compared data packet does not match an origination 
address on the list of origination addresses. 

16. The method of claim 15, further comprising: 
discarding said compared data packet. 

17. The method of claim 12, further comprising: 
determining not to forward said compared data packet to 

the second network if the origination address for said 
compared data packet matches an origination address 
on the list of origination addresses. 

18. The method of claim 17, further comprising: 
discarding said compared data packet. 

19. The method of claim 12, further comprising: 
recording said step of comparing if the origination address 

for said received data packet matches an origination 
address on the list of origination addresses. 

20. The method of claim 12, further comprising: 
receiving an updated list of origination addresses. 

21. A method for filtering a packet sent from a first 
network to a device, comprising: 

receiving a data packet from the first network; 

determining an origination address for said data packet; 

comparing the origination address for said received data 
packet with a list of origination addresses, wherein said 
comparing is performed in between physical layer and 
data link layer of a protocol stack followed by said 
processor; and 

determining whether to forward said compared data 
packet to the device based on said comparison. 